Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/buwKy6S6tZOzNiUss8RA_lVmQM0.roa
File: buwKy6S6tZOzNiUss8RA_lVmQM0.roa (raw, json)
Hash identifier: ByTOJ/qN5apXOAKQe8lOhNSuHxp9R3YpK/ZEzxfJZWA=
Subject key identifier: 6E:EC:0A:CB:A4:BA:B5:93:B3:36:25:2C:B3:C4:40:FE:55:66:40:CD
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 018F293A11F46AEA88D261811433CA60C177
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/buwKy6S6tZOzNiUss8RA_lVmQM0.roa
Signing time: Mon 29 Apr 2024 09:40:22 +0000
ROA not before: Mon 29 Apr 2024 09:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34568
IP address blocks: 77.87.248.0/21 maxlen: 24
84.246.120.0/21 maxlen: 24
185.217.192.0/22 maxlen: 24
193.138.81.0/24 maxlen: 24
194.116.234.0/23 maxlen: 24
2a01:1f8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.mft
rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:3a:11:f4:6a:ea:88:d2:61:81:14:33:ca:60:c1:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Apr 29 09:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6eec0acba4bab593b336252cb3c440fe556640cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f6:2c:32:a0:b6:d7:ba:8a:5b:25:2f:22:24:
23:ad:a9:16:78:11:4c:d1:9f:5a:6a:4a:ac:a4:a7:
f3:91:46:e3:a6:f3:71:81:71:14:45:6a:64:3e:94:
1b:44:64:59:fb:c8:b6:0d:3d:bd:a4:44:79:6e:8f:
f2:96:5a:e8:5a:75:4c:46:f6:bf:80:7b:01:9c:13:
05:85:2a:cc:98:9f:12:40:ea:44:53:50:c4:0f:60:
36:2b:5b:b3:c3:fd:34:e1:b4:fd:64:e0:81:38:60:
3a:1e:9d:5e:b8:f9:78:c5:09:c0:4e:0b:b1:19:bf:
e7:3e:06:0a:8e:aa:cd:82:f3:13:23:56:4a:6a:3f:
ca:06:16:8d:cd:8f:27:9d:a9:ce:9b:92:24:28:4d:
bb:10:38:ff:24:d0:6f:95:43:a0:cb:ff:06:3f:69:
bc:f2:8c:6d:4a:05:23:28:ac:ef:1b:49:9f:55:2c:
7e:26:16:01:15:41:6f:00:ca:8f:39:58:d7:b5:b8:
45:61:b0:c0:aa:46:a8:d8:0a:68:5d:b6:91:bb:a4:
bd:8e:42:e1:73:74:1f:11:f9:8d:df:27:4d:5c:25:
87:9a:d3:2b:b7:dd:7d:c4:c8:41:bd:4b:3e:53:7b:
86:ee:00:87:f9:78:a5:99:d1:99:54:db:5c:a1:83:
e6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:EC:0A:CB:A4:BA:B5:93:B3:36:25:2C:B3:C4:40:FE:55:66:40:CD
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/buwKy6S6tZOzNiUss8RA_lVmQM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.248.0/21
84.246.120.0/21
185.217.192.0/22
193.138.81.0/24
194.116.234.0/23
IPv6:
2a01:1f8::/32
Signature Algorithm: sha256WithRSAEncryption
7d:2b:f5:3d:dc:bd:e5:75:c0:77:4d:75:c3:04:54:ba:87:30:
04:46:a5:13:5a:a4:7a:4e:f3:4a:64:ab:42:dd:67:93:d3:e8:
8a:76:c3:27:20:31:76:a5:24:96:6a:2a:68:69:d9:f9:8e:f4:
c0:40:44:33:cb:16:c4:41:b3:e3:f4:0e:20:d2:e7:9f:15:5b:
a5:a4:d2:76:72:b8:be:06:17:e3:99:a5:89:81:0a:45:ae:ca:
5a:be:b5:94:8c:69:2a:e3:44:1b:65:e8:32:ce:19:d2:73:fd:
90:b3:47:40:5a:d3:e9:51:37:f6:16:2a:1a:fb:84:9b:cd:a4:
e0:02:50:54:4a:98:94:4b:88:7e:9a:6c:18:54:69:55:a0:9c:
b9:52:9b:bd:25:37:fd:58:7d:26:05:0d:9e:3f:ba:11:03:a4:
fb:5b:88:cd:a9:b5:40:6d:22:79:66:74:00:08:38:65:35:d9:
1d:c2:4a:9f:b1:4f:f0:e1:6b:2f:d9:fa:7c:50:7a:19:bd:89:
01:ca:e3:c6:c8:06:a7:fb:99:d6:1e:46:41:6a:be:3e:aa:6f:
2a:62:27:de:b3:ed:71:dd:dd:b0:11:61:4f:e0:b4:49:0f:96:
79:87:01:02:53:4e:06:3f:07:9f:74:47:f6:9e:c7:2a:e7:41:
3a:f9:0d:b5
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY8pOhH0auqI0mGBFDPKYMF3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjQwNDI5MDk0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWVjMGFjYmE0YmFiNTkzYjMzNjI1MmNiM2M0NDBmZTU1NjY0MGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPYsMqC217qKWyUvIiQjrakWeBFM
0Z9aakqspKfzkUbjpvNxgXEURWpkPpQbRGRZ+8i2DT29pER5bo/yllroWnVMRva/
gHsBnBMFhSrMmJ8SQOpEU1DED2A2K1uzw/004bT9ZOCBOGA6Hp1euPl4xQnATgux
Gb/nPgYKjqrNgvMTI1ZKaj/KBhaNzY8nnanOm5IkKE27EDj/JNBvlUOgy/8GP2m8
8oxtSgUjKKzvG0mfVSx+JhYBFUFvAMqPOVjXtbhFYbDAqkao2ApoXbaRu6S9jkLh
c3QfEfmN3ydNXCWHmtMrt919xMhBvUs+U3uG7gCH+XilmdGZVNtcoYPmLwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFG7sCsukurWTszYlLLPEQP5VZkDNMB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvYnV3S3k2UzZ0Wk96TmlVc3M4UkFfbFZtUU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDTVf4AwQD
VPZ4AwQCudnAAwQAwYpRAwQBwnTqMA0EAgACMAcDBQAqAQH4MA0GCSqGSIb3DQEB
CwUAA4IBAQB9K/U93L3ldcB3TXXDBFS6hzAERqUTWqR6TvNKZKtC3WeT0+iKdsMn
IDF2pSSWaipoadn5jvTAQEQzyxbEQbPj9A4g0uefFVulpNJ2cri+BhfjmaWJgQpF
rspavrWUjGkq40QbZegyzhnSc/2Qs0dAWtPpUTf2Fioa+4SbzaTgAlBUSpiUS4h+
mmwYVGlVoJy5Upu9JTf9WH0mBQ2eP7oRA6T7W4jNqbVAbSJ5ZnQACDhlNdkdwkqf
sU/w4Wsv2fp8UHoZvYkByuPGyAan+5nWHkZBar4+qm8qYifes+1x3d2wEWFP4LRJ
D5Z5hwECU04GPwefdEf2nscq50E6+Q21
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:04:06 2024 by rpki-client on console-ams.rpki-client.org